ID de Prueba:	1.3.6.1.4.1.25623.1.0.123005
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2015-1778)
Resumen:	The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-1778 advisory.
Descripción:	Summary: The remote host is missing an update for the 'kernel' package(s) announced via the ELSA-2015-1778 advisory. Vulnerability Insight: [3.10.0-229.14.1.OL7] - Oracle Linux certificates (Alexey Petrenko) [3.10.0-229.14.1] - [s390] zcrypt: Fixed reset and interrupt handling of AP queues (Hendrik Brueckner) [1248381 1238230] [3.10.0-229.13.1] - [dma] ioat: fix tasklet tear down (Herton R. Krzesinski) [1251523 1210093] - [drm] radeon: Fix VGA switcheroo problem related to hotplug (missing hunk) (Rob Clark) [1207879 1223472] - [security] keys: Ensure we free the assoc array edit if edit is valid (David Howells) [1246039 1244171] {CVE-2015-1333} - [net] tcp: properly handle stretch acks in slow start (Florian Westphal) [1243903 1151756] - [net] tcp: fix no cwnd growth after timeout (Florian Westphal) [1243903 1151756] - [net] tcp: increase throughput when reordering is high (Florian Westphal) [1243903 1151756] - [of] Fix sysfs_dirent cache integrity issue (Gustavo Duarte) [1249120 1225539] - [tty] vt: don't set font mappings on vc not supporting this (Jarod Wilson) [1248384 1213538] - [scsi] fix regression in scsi_send_eh_cmnd() (Ewan Milne) [1243412 1167454] - [net] udp: fix behavior of wrong checksums (Denys Vlasenko) [1240760 1240761] {CVE-2015-5364 CVE-2015-5366} - [fs] Convert MessageID in smb2_hdr to LE (Sachin Prabhu) [1238693 1161441] - [x86] bpf_jit: fix compilation of large bpf programs (Denys Vlasenko) [1236938 1236939] {CVE-2015-4700} - [net] sctp: fix ASCONF list handling (Marcelo Leitner) [1227960 1206474] {CVE-2015-3212} - [fs] ext4: allocate entire range in zero range (Lukas Czerner) [1193909 1187071] {CVE-2015-0275} - [x86] ASLR bruteforce possible for vdso library (Jacob Tanenbaum) [1184898 1184899] {CVE-2014-9585} [3.10.0-229.12.1] - [ethernet] ixgbe: remove CIAA/D register reads from bad VF check (John Greene) [1245597 1205903] - [kernel] sched: Avoid throttle_cfs_rq() racing with period_timer stopping (Rik van Riel) [1241078 1236413] Affected Software/OS: 'kernel' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9585 BugTraq ID: 71990 http://www.securityfocus.com/bid/71990 Debian Security Information: DSA-3170 (Google Search) http://www.debian.org/security/2015/dsa-3170 http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148480.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:058 http://git.kernel.org/?p=linux/kernel/git/luto/linux.git;a=commit;h=bc3b94c31d65e761ddfe150d02932c65971b74e2 http://v0ids3curity.blogspot.in/2014/12/return-to-vdso-using-elf-auxiliary.html http://www.openwall.com/lists/oss-security/2014/12/09/10 http://www.openwall.com/lists/oss-security/2015/01/09/8 RedHat Security Advisories: RHSA-2015:1081 http://rhn.redhat.com/errata/RHSA-2015-1081.html RedHat Security Advisories: RHSA-2015:1778 http://rhn.redhat.com/errata/RHSA-2015-1778.html RedHat Security Advisories: RHSA-2015:1787 http://rhn.redhat.com/errata/RHSA-2015-1787.html SuSE Security Announcement: SUSE-SU-2015:0178 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html SuSE Security Announcement: SUSE-SU-2015:0481 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html SuSE Security Announcement: SUSE-SU-2015:0652 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html SuSE Security Announcement: SUSE-SU-2015:0736 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html SuSE Security Announcement: openSUSE-SU-2015:0566 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html SuSE Security Announcement: openSUSE-SU-2015:0714 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html http://www.ubuntu.com/usn/USN-2513-1 http://www.ubuntu.com/usn/USN-2514-1 http://www.ubuntu.com/usn/USN-2515-1 http://www.ubuntu.com/usn/USN-2516-1 http://www.ubuntu.com/usn/USN-2517-1 http://www.ubuntu.com/usn/USN-2518-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-0275 1034454 http://www.securitytracker.com/id/1034454 75139 http://www.securityfocus.com/bid/75139 RHSA-2015:1778 RHSA-2015:1787 [linux-ext4] 20150218 [PATCH] ext4: Allocate entire range in zero range http://www.spinics.net/lists/linux-ext4/msg47193.html [oss-security] 20150223 CVE-2015-0275 -- Linux kernel: fs: ext4: fallocate zero range page size > block size BUG() http://www.openwall.com/lists/oss-security/2015/02/23/14 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0f2af21aae11972fa924374ddcf52e88347cf5a8 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html https://bugzilla.redhat.com/show_bug.cgi?id=1193907 https://github.com/torvalds/linux/commit/0f2af21aae11972fa924374ddcf52e88347cf5a8 https://support.f5.com/csp/article/K05211147 Common Vulnerability Exposure (CVE) ID: CVE-2015-1333 BugTraq ID: 76050 http://www.securityfocus.com/bid/76050 Debian Security Information: DSA-3329 (Google Search) http://www.debian.org/security/2015/dsa-3329 http://www.openwall.com/lists/oss-security/2015/07/27/7 http://www.ubuntu.com/usn/USN-2687-1 http://www.ubuntu.com/usn/USN-2688-1 http://www.ubuntu.com/usn/USN-2689-1 http://www.ubuntu.com/usn/USN-2690-1 http://www.ubuntu.com/usn/USN-2691-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-3212 1033169 http://www.securitytracker.com/id/1033169 76082 http://www.securityfocus.com/bid/76082 DSA-3329 SUSE-SU-2015:1324 http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html USN-2713-1 http://www.ubuntu.com/usn/USN-2713-1 USN-2714-1 http://www.ubuntu.com/usn/USN-2714-1 USN-2715-1 http://www.ubuntu.com/usn/USN-2715-1 USN-2716-1 http://www.ubuntu.com/usn/USN-2716-1 USN-2717-1 http://www.ubuntu.com/usn/USN-2717-1 USN-2718-1 http://www.ubuntu.com/usn/USN-2718-1 USN-2719-1 http://www.ubuntu.com/usn/USN-2719-1 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2d45a02d0166caf2627fe91897c6ffc3b19514c4 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.2 https://bugzilla.redhat.com/show_bug.cgi?id=1226442 https://github.com/torvalds/linux/commit/2d45a02d0166caf2627fe91897c6ffc3b19514c4 openSUSE-SU-2015:1382 http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html Common Vulnerability Exposure (CVE) ID: CVE-2015-4700 BugTraq ID: 75356 http://www.securityfocus.com/bid/75356 http://www.openwall.com/lists/oss-security/2015/06/23/2 http://www.securitytracker.com/id/1033046 SuSE Security Announcement: SUSE-SU-2015:1224 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html SuSE Security Announcement: SUSE-SU-2015:1478 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html SuSE Security Announcement: SUSE-SU-2015:1487 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html SuSE Security Announcement: SUSE-SU-2015:1488 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html SuSE Security Announcement: SUSE-SU-2015:1489 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html SuSE Security Announcement: SUSE-SU-2015:1490 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html SuSE Security Announcement: SUSE-SU-2015:1491 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html SuSE Security Announcement: SUSE-SU-2015:1592 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html SuSE Security Announcement: SUSE-SU-2015:1611 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html SuSE Security Announcement: openSUSE-SU-2015:1382 (Google Search) http://www.ubuntu.com/usn/USN-2679-1 http://www.ubuntu.com/usn/USN-2680-1 http://www.ubuntu.com/usn/USN-2681-1 http://www.ubuntu.com/usn/USN-2683-1 http://www.ubuntu.com/usn/USN-2684-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-5364 BugTraq ID: 75510 http://www.securityfocus.com/bid/75510 Debian Security Information: DSA-3313 (Google Search) http://www.debian.org/security/2015/dsa-3313 https://twitter.com/grsecurity/status/605854034260426753 http://www.openwall.com/lists/oss-security/2015/06/30/13 RedHat Security Advisories: RHSA-2015:1623 http://rhn.redhat.com/errata/RHSA-2015-1623.html RedHat Security Advisories: RHSA-2016:0045 http://rhn.redhat.com/errata/RHSA-2016-0045.html RedHat Security Advisories: RHSA-2016:1096 http://rhn.redhat.com/errata/RHSA-2016-1096.html RedHat Security Advisories: RHSA-2016:1100 http://rhn.redhat.com/errata/RHSA-2016-1100.html RedHat Security Advisories: RHSA-2016:1225 https://access.redhat.com/errata/RHSA-2016:1225 http://www.securitytracker.com/id/1032794 SuSE Security Announcement: SUSE-SU-2015:1324 (Google Search) http://www.ubuntu.com/usn/USN-2682-1 Common Vulnerability Exposure (CVE) ID: CVE-2015-5366
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.